[NCSG-PC] Comments on EPDP

farzaneh badii farzaneh.badii at gmail.com
Tue Jul 10 08:31:16 EEST 2018


Long time ago when I was 18, my friend had bought a car which was a big
deal at the time and we were going from her parents' place to the
university. My friend got distracted, wanting to show me a house in a
street, she hit the traffic light and the traffic light broke collapsing
over her car and just went blinking orange, green and red at our shocked
faces. It was a bizarre feeling. Of course there was serious panic but also
there was a very comical moment. The ePDP document with all the colorful
comments and messiness gave me a very similar feeling.

Now my main points:

1. We should not accept IPC addition to the mission. Also can we get rid of
at a minimum from this paragraph? We are really working on "scope" and
"mission" what does it mean at a minimum? is there a good reason it is
there? If you don't remove it there is a risk that anything can be thrown
at this document:

"This EPDP Team is being chartered to determine, at *a minimum*, if the
Temporary Specification for gTLD Registration Data should become an ICANN
Consensus Policy. As part of this determination, the EPDP Team is, *at a
minimum*, expected to consider the following elements of the Temporary
Specification and answer the following charter questions:


2. Purposes for processing data. I am not so sure why Erika has added this
question:


*a5) How shall legitimacy of collecting data be defined (at least for data
from personal data collected from European users)? (proposed addition from
Erika Mann) *

I thought legitimacy will be defined in accordance to purpose. Also the
mention of "at least for data collected from European users" worries me.


- Susan is suggesting to say should any purposes be "added". Sure, we could
add that word but it has to be mentioned that according to ICANN purpose
and mission, should any data be added.  EDPB specifically says that ICANN
should not conflate its purpose with the interest of third party


3. I see that now even the phase 1, phase 2 has been removed and access has
become a part of EPDP. Can we get rid of accreditation and just discuss
access at this EPDP? I see that Susan Kawaguchi supports this ...

4. Overall we need to have the EDPB recent guidelines into account. On data
retention issue for example for example, the EDPB explicitly says ICANN has
to justify why each element of data has to be retained for two years. So
the question on data retention is not about whether ICANN should adjust
data retention requirements but that if it is justifiable for ICANN to
require data retention of 2 years and on which elements.


5. section J. Please reject all IPC additions.


6.Lets talk about access and not accreditation if we are not winning to
remove access from EPDP. Seems like Susan agrees.






Farzaneh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncsg.is/pipermail/ncsg-pc/attachments/20180710/b46c12b9/attachment.htm>


More information about the NCSG-PC mailing list